zaterdag 16 oktober 2010

bsmconv, bsmunconv – enable or disable Solaris Auditing

Synopsis/etc/security/bsmconv [rootdir].../etc/security/bsmunconv [rootdir]...DescriptionThe bsmconv and bsmunconv scripts are used to enable or disable the BSM features on a Solaris system. The optional argument rootdir is a list of one or more root directories of diskless clients that have already been configured. See smdiskless(1M).

To enable or disable BSM on a diskless client, a server, or a stand-alone system, logon as super-user to the system being converted and use the bsmconv or bsmunconv commands without any options.

To enable or disable BSM on a diskless client from that client's server, logon to the server as super-user and use bsmconv, specifying the root directory of each diskless client you wish to affect. For example, the command:

myhost# bsmconv /export/root/client1 /export/root/client2 enables BSM on the two machines named client1 and client2. While the command:

myhost# bsmconv enables BSM only on the machine called myhost. It is no longer necessary to enable BSM on both the server and its diskless clients.

After running bsmconv the system can be configured by editing the files in /etc/security. Each diskless client has its own copy of configuration files in its root directory. You might want to edit these files before rebooting each client.

Following the completion of either script, the affected system(s) should be rebooted to allow the auditing subsystem to come up properly initialized.